1. Field of the Invention
The present invention relates generally to computer software and computer network applications. More particularly, the present invention relates to methods and apparatus for permitting transactions across a firewall via Electronic Mail.
2. Discussion of Related Art
In today""s technologically advanced society, companies and organizations often have a large number of computers as well as employees. Since multiple sites are often maintained, it is common for such entities to maintain the computer systems in locations that are situated a large distance apart from one another. Thus, it is often desirable to provide a means for communicating among the employees at these separate locations. In addition, resources such as programs and data are often shared among these employees. Accordingly, such entities often enable such communication and resource sharing through one or more networks.
In addition to providing communication among computers within a single entity (e.g., company), it is often desirable to enable communication with outside networks. By way of example, the Internet is a resource that is widely used by the general population. However, many entities store valuable and confidential information on internal networks. Accordingly, it is important that the security and integrity of this information be preserved while permitting access to and from outside networks.
While it is desirable to permit flow of information between internal networks and outside networks, it is important that access to confidential information be limited to intended individuals (e.g., individuals employed within the company). Similarly, it is imperative that the integrity of data and programs within an entity""s system be protected from corruption. This is particularly important in view of the recent popularity of the Internet. Thus, many companies implement firewalls to filter traffic entering and leaving the network.
One standard firewall configuration includes two routers that filter packets and an application gateway. One router filters outgoing packets while another router filters incoming packets according to various filtering rules. Typically, tables store these filtering rules, which may list, for example, those sources and destinations that are acceptable. In addition, the application gateway operates at the application level. By way of example, an application gateway may be set up to examine the content of each incoming or outgoing e-mail message. In this manner, an added level of security may be added to any network.
While a firewall is desirable in many instances to provide a high level of security in a given network, such a security feature may create undesirable limitations. For instance, it is common for two or more companies to collaborate in their development efforts. In order to facilitate this joint development, it may desirable to permit employees of one company to access documents maintained by another company. However, it is typically impossible to share documents such as source code where a firewall separates the two networks.
In view of the above, it would be beneficial if a firewall could be selectively bypassed to permit source code or other files on one side of a firewall to be accessed by an entity on another side of the firewall.
An invention is described herein that enables document access across a firewall. This is accomplished via a document access request sent via e-mail. In this manner, documents such as source code files may be sent and received across a firewall.
According to one aspect, a method of accessing a document across a firewall includes obtaining a document access request on the first side of the firewall, where the document access request specifies a document control command and an associated file name. The document access request is then packaged in at least one client e-mail. The client e-mail is then sent across the firewall to the second side of the firewall. One or more acknowledgement e-mails are then received across the firewall from the second side of the firewall, where the acknowledgement e-mails specify a status of the executed document control command.
According to another aspect, a method of providing access to a document across a firewall includes receiving a client e-mail across the firewall from the first side of the firewall, where the client e-mail includes a document access request specifying a document control command and an associated file name. The document access request is then executed such that a status of the executed document access request is obtained. An acknowledgement e-mail specifying the status is then sent across the firewall to the first side of the firewall.